[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag
From: |
Peter Crosthwaite |
Subject: |
Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag |
Date: |
Fri, 30 Oct 2015 14:24:40 -0700 |
On Fri, Oct 30, 2015 at 2:14 PM, Peter Maydell <address@hidden> wrote:
> On 30 October 2015 at 20:59, Peter Crosthwaite
> <address@hidden> wrote:
>> On Fri, Oct 30, 2015 at 1:49 PM, Peter Maydell <address@hidden> wrote:
>>> I thought you were planning to have the generic code do the
>>> S->NS transition; but I guess it works better in the board
>>> code (we have to go up into Monitor and back down again, right?)
>>>
>>
>> Yes I had to change my mind on this one. The issue was that ARM arch
>> doesn't guarantee a NS switch by simply modding SCR.NS inline and I
>> wanted to follow this convention. The recommended way is via eret
>> (presumably from monitor mode?). So to implement this for highbank I
>> do a dummy SMC after the SCR.NS switch (from secure EL1). This can't
>> be done generically as board-setup may or may-not install a functional
>> monitor.
>>
>>> Is it an error for the board to set secure_board_setup if
>>> the CPU doesn't have EL3? (if so, worth mentioning in this
>>> comment; maybe assert?)
>>>
>>
>> I don't like assert, as has_el3 is in theory is user modifiable (via
>> either -cpu transplants or directly via -global). I think it is an
>> error_exit().
>
> The other question is what happens on a board like this if
> the user says -enable-kvm -cpu cortex-a15 ? Does that get us
> a CPU without the EL3 property? (I forget...) In any case it
> shouldn't be an error unless the board genuinely can't work
> with KVM at all, and if we're using KVM then the board
> blob definitely won't be running in Secure (and can't flip
> to Monitor mode either).
I think all we can do is exit on !kvm and have the board if() the
firmware blob for the same. What is supposed to actually happen when a
virtualized guest running under KVM calls SMC? Does the VM have any
say on what that SMC does or is that the property of the host OS? The
latter suggests that Highbank Linux simply cannot be run under KVM.
Regards,
Peter
>
> thanks
> -- PMM
- [Qemu-arm] [PATCH v2 0/5] ARM: Machine specific boot blobs, Peter Crosthwaite, 2015/10/30
- [Qemu-arm] [PATCH v2 1/5] arm: boot: Adjust indentation of FIXUP comments, Peter Crosthwaite, 2015/10/30
- [Qemu-arm] [PATCH v2 2/5] arm: boot: Add board specific setup code API, Peter Crosthwaite, 2015/10/30
- [Qemu-arm] [PATCH v2 3/5] arm: xilinx_zynq: Add linux pre-boot, Peter Crosthwaite, 2015/10/30
- [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag, Peter Crosthwaite, 2015/10/30
- Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag, Peter Crosthwaite, 2015/10/30
- Re: [Qemu-arm] [PATCH v2 4/5] arm: boot: Add secure_board_setup flag, Peter Maydell, 2015/10/31
[Qemu-arm] [PATCH v2 5/5] arm: highbank: Implement PSCI and dummy monitor, Peter Crosthwaite, 2015/10/30
Re: [Qemu-arm] [PATCH v2 0/5] ARM: Machine specific boot blobs, Peter Maydell, 2015/10/30